Azure Information Protection – the year that was 2017!

Hi everyone, and welcome to the very last blog from me this year! It has been an incredible year, and I wanted to take this opportunity to take a walk down memory lane and see just how far the Information Protection space has come. We have seen incredible uptake of Azure Information Protection (AIP) and it’s great to see the momentum, thank you! It’s especially rewarding to learn that our customers are benefitting from the solutions we develop. Check out our latest customer story from Yara.

What a year!

It seems like only yesterday that we were getting ready to launch AIP. After a bit of a splash at Microsoft Ignite, on October 4, 2016, AIP moved to GA and was quickly followed up with a December Preview. We looked to operate at a fast pace, so the December release moved to GA in February 2017 which to me was the beginning on when we really started to see adoption move in earnest (and it has continued to accelerate all year!).

An ask we heard loud and clear from you was for more guidance, and so began the Ready, Set, Protect! Series which was designed to give you a set of guidelines and approaches as you worked through your deployment and adoption of an information protection taxonomy. We even did an adoption and deployment session at Ignite where one of our customers joined us to share their approach towards label taxonomy. Based on our experiences at Microsoft, we also developed an adoption guide that you can use to get started with information protection in your company easily and quickly.

As most of you are aware, we have had Protection for a long time, first with ADRMS and then Azure RMS. This naturally came with a set of prior functions and configuration which we needed to rationalize, and we began the unification of these assets with the Unified Administration Preview in April. This unification is now complete, and we continue to invest in making it easier for our admins to configure and manage AIP.

And then we closed the year out with two more significant Previews in Conditional Access and Azure Information Protection scanner in October to ensure that you can leverage your information protection policies to define how and when sensitive data can be accessed, and perform large-scale interrogation and enforcement of existing data.

That was quite a year! We certainly had fun working with you, learning, listening and shipping, and we hope you are gaining value from our efforts.

Themes in adoption

I would also like to capture some themes we have seen emerge over the year as we worked with you on your information protection journey.

There are many ways to approach defining, deploying and adopting an information protection taxonomy and policy. But two approaches have become the de facto:

Start broad and simple (such as labels only for everyone) and then layer on additional items

Go deep and complete with smaller groups (such as business units that generate the most sensitive data like M&A, HR, Finance, Legal) and move from one to the next.

You will spend as much time defining your taxonomy as you will deploying it.

I always ask for the name of the taxonomy owner. Not a role, a name. Even agreeing on that can be hard! Then agree on who gets a say, and what the approval process looks like.

We put a lot of effort into the defaults we provide. If you have an existing taxonomy, use it. If you don’t, use the default to get started.

Remember you are deploying an end user facing security solution. Spend time on user education and training. We built a lot of assets as part of the internal Microsoft deployment, and we have generalized them so you can leverage – everything from form emails to posters for the walls. Check out the adoption guide we built for you.

Always have a plan. A complete plan. A typical AIP deployment includes security, compliance, privacy, desktop management, mobile management, identity and collaboration teams, and then representatives from business units. That’s a lot of coordination.

Tell us what you think! We run a vibrant Yammer community and track all feature requests in Uservoice. We hear, we listen and we respond. (and please use your corporate details, an anonymous address is a single voice, a corporate voice is representative of your business size!).

We have had a great year, we hope you have too. THANK YOU for all the engagement, discussions, debates and feedback. We do this for you, please have a fantastic end of the year and see you in 2018!

Adam Hall (on behalf of all the incredible people who deliver Azure Information Protection)

Recent Posts from EMS Leaders

Everyone (and I mean everyone) on the Microsoft 365 team has been pursuing some very ambitious goals in the ten months since we launched Microsoft 365. Those goals have all been laser focused on one key thing: Helping our customers effectively navigate their own unique path towards the digital transformation that they need to succeed...

Howdy folks, Today I’m happy to announce the public preview of the PingFederate configuration integration in the latest release of AADConnect. With this release customers can easily and reliably configure their Azure Active Directory environment to use PingFederate as their federation provider, and we’re excited to offer a more seamless integration experience to our customers....

If you ever got to shadow a Microsoft leader for a day and listen in on the meetings they attend, I think you’d be surprised by how much time is spent talking about how to support the day-to-day work done by IT Pros. We think about this constantly. A lot of answers to these questions...

On Wednesday we announced that the Microsoft Intune APIs being surfaced through Microsoft Graph have been moved from “preview” to Generally Available. We are really excited about this milestone, and we look forward to learning how to make it even better as you give us feedback and direction on the way you want to use...

Last week at Microsoft Ignite, more than 25,000 IT professionals converged in Orlando Florida to learn about Microsoft’s technology advancements, skill up across new products, and meet with Microsoft experts. For EMS we unveiled a wave of new capabilities, presented more than 45 sessions, and met with thousands of customers. I wanted to take a...